<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
    <meta name="viewport" content="width=device-width, initial-scale=1">
	<title>SAML logout API | ElasticSearch 7.7 权威指南中文版</title>
	<meta name="keywords" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <meta name="description" content="ElasticSearch 权威指南中文版, elasticsearch 7, es7, 实时数据分析，实时数据检索" />
    <!-- Give IE8 a fighting chance -->
    <!--[if lt IE 9]>
    <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
    <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
    <![endif]-->
	<link rel="stylesheet" type="text/css" href="../static/styles.css" />
	<script>
	var _link = 'security-api-saml-logout.html';
    </script>
</head>
<body>
<div class="main-container">
    <section id="content">
        <div class="content-wrapper">
            <section id="guide" lang="zh_cn">
                <div class="container">
                    <div class="row">
                        <div class="col-xs-12 col-sm-8 col-md-8 guide-section">
                            <div style="color:gray; word-break: break-all; font-size:12px;">原英文版地址: <a href="https://www.elastic.co/guide/en/elasticsearch/reference/7.7/security-api-saml-logout.html" rel="nofollow" target="_blank">https://www.elastic.co/guide/en/elasticsearch/reference/7.7/security-api-saml-logout.html</a>, 原文档版权归 www.elastic.co 所有<br/>本地英文版地址: <a href="../en/security-api-saml-logout.html" rel="nofollow" target="_blank">../en/security-api-saml-logout.html</a></div>
                        <!-- start body -->
                  <div class="page_header">
<strong>重要</strong>: 此版本不会发布额外的bug修复或文档更新。最新信息请参考 <a href="https://www.elastic.co/guide/en/elasticsearch/reference/current/index.html" rel="nofollow">当前版本文档</a>。
</div>
<div id="content">
<div class="breadcrumbs">
<span class="breadcrumb-link"><a href="index.html">Elasticsearch Guide [7.7]</a></span>
»
<span class="breadcrumb-link"><a href="rest-apis.html">REST APIs</a></span>
»
<span class="breadcrumb-link"><a href="security-api.html">Security APIs</a></span>
»
<span class="breadcrumb-node">SAML logout API</span>
</div>
<div class="navheader">
<span class="prev">
<a href="security-api-saml-authenticate.html">« SAML authenticate API</a>
</span>
<span class="next">
<a href="security-api-saml-invalidate.html">SAML invalidate API »</a>
</span>
</div>
<div class="section xpack">
<div class="titlepage"><div><div>
<h2 class="title">
<a id="security-api-saml-logout"></a>SAML logout API<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/saml-logout-api.asciidoc">edit</a><a class="xpack_tag" href="https://www.elastic.co/subscriptions"></a>
</h2>
</div></div></div>
<p>Submits a request to invalidate an access token and refresh token.</p>
<div class="note admon">
<div class="icon"></div>
<div class="admon_content">
<p>This API is intended for use by custom web applications other than Kibana.
If you are using Kibana, see the <a class="xref" href="saml-guide.html" title="Configuring SAML single-sign-on on the Elastic Stack"><em>Configuring SAML single-sign-on on the Elastic Stack</em></a>.</p>
</div>
</div>
<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-saml-logout-request"></a>Request<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/saml-logout-api.asciidoc">edit</a>
</h3>
</div></div></div>
<p><code class="literal">POST /_security/saml/logout</code></p>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-saml-logout-desc"></a>Description<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/saml-logout-api.asciidoc">edit</a>
</h3>
</div></div></div>
<p>This API invalidates the tokens that were generated for a user by the
<a class="xref" href="security-api-saml-authenticate.html" title="SAML authenticate API">SAML authenticate API</a>.</p>
<p>If the SAML realm in Elasticsearch is configured accordingly and the SAML IdP supports
this, the Elasticsearch response contains a URL to redirect the user to the IdP
that contains a SAML logout request (starting an SP-initiated SAML Single Logout).</p>
<p>Elasticsearch exposes all the necessary SAML related functionality via the SAML APIs.
These APIs are used internally by Kibana in order to provide SAML based
authentication, but can also be used by other custom web applications or other
clients. See also <a class="xref" href="security-api-saml-authenticate.html" title="SAML authenticate API">SAML authenticate API</a>,
<a class="xref" href="security-api-saml-prepare-authentication.html" title="SAML prepare authentication API">SAML prepare authentication API</a>,
and <a class="xref" href="security-api-saml-invalidate.html" title="SAML invalidate API">SAML invalidate API</a>.</p>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-saml-logout-request-body"></a>Request body<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/saml-logout-api.asciidoc">edit</a>
</h3>
</div></div></div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">token</code>
</span>
</dt>
<dd>
(Required, string) The access token that was returned as a response to calling the
<a class="xref" href="security-api-saml-authenticate.html" title="SAML authenticate API">SAML authenticate API</a>. Alternatively, the most
recent token that was received after refreshing the original one by using a
<code class="literal">refresh_token</code>.
</dd>
<dt>
<span class="term">
<code class="literal">refresh_token</code>
</span>
</dt>
<dd>
(Optional, string) The refresh token that was returned as a response to calling the
<a class="xref" href="security-api-saml-authenticate.html" title="SAML authenticate API">SAML authenticate API</a>. Alternatively, the
most recent refresh token that was received after refreshing the original access token.
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-saml-logout-response-body"></a>Response body<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/saml-logout-api.asciidoc">edit</a>
</h3>
</div></div></div>
<div class="variablelist">
<dl class="variablelist">
<dt>
<span class="term">
<code class="literal">redirect</code>
</span>
</dt>
<dd>
(string) A URL that contains a SAML logout request as a parameter. The user
can use this URL to be redirected back to the SAML IdP and to initiate Single
Logout.
</dd>
</dl>
</div>
</div>

<div class="section">
<div class="titlepage"><div><div>
<h3 class="title">
<a id="security-api-saml-logout-example"></a>Examples<a class="edit_me edit_me_private" rel="nofollow" title="Editing on GitHub is available to Elastic" href="https://github.com/elastic/elasticsearch/edit/7.7/x-pack/docs/en/rest-api/security/saml-logout-api.asciidoc">edit</a>
</h3>
</div></div></div>
<p>The following example invalidates the pair of tokens that were generated by
calling the <a class="xref" href="security-api-saml-authenticate.html" title="SAML authenticate API">SAML authenticate API</a>
with a successful SAML response:</p>
<div class="pre_wrapper lang-console">
<pre class="programlisting prettyprint lang-console">POST /_security/saml/logout
{
  "token" : "46ToAxZVaXVVZTVKOVF5YU04ZFJVUDVSZlV3",
  "refresh_token" : "mJdXLtmvTUSpoLwMvdBt_w"
}</pre>
</div>
<div class="console_widget" data-snippet="snippets/2132.console"></div>
<p>The API returns the following response:</p>
<div class="pre_wrapper lang-js">
<pre class="programlisting prettyprint lang-js">{
  "redirect" : "https://my-idp.org/logout/SAMLRequest=...."
}</pre>
</div>
</div>

</div>
<div class="navfooter">
<span class="prev">
<a href="security-api-saml-authenticate.html">« SAML authenticate API</a>
</span>
<span class="next">
<a href="security-api-saml-invalidate.html">SAML invalidate API »</a>
</span>
</div>
</div>

                  <!-- end body -->
                        </div>
                        <div class="col-xs-12 col-sm-4 col-md-4" id="right_col">
                        
                        </div>
                    </div>
                </div>
            </section>
        </div>
    </section>
</div>
<script src="../static/cn.js"></script>
</body>
</html>